package org.eurekaclinical.common.auth;

import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Response;
import org.eurekaclinical.common.comm.User;
import org.eurekaclinical.standardapis.dao.UserDao;
import org.eurekaclinical.standardapis.entity.RoleEntity;
import org.eurekaclinical.standardapis.entity.UserEntity;
import org.eurekaclinical.standardapis.exception.HttpStatusException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/eurekaclinical-common-5.1-Alpha-1.jar:org/eurekaclinical/common/auth/AuthorizedUserSupport.class */
public final class AuthorizedUserSupport<E extends UserEntity<? extends RoleEntity>, D extends UserDao<E>, U extends User> extends AbstractUserSupport<E, U> {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) AuthorizedUserSupport.class);
    private final D userDao;

    public AuthorizedUserSupport(D d) {
        this.userDao = d;
    }

    @Override // org.eurekaclinical.common.auth.AbstractUserSupport, org.eurekaclinical.common.auth.UserSupport
    public boolean isSameUser(HttpServletRequest httpServletRequest, E e) {
        return isSameUser(httpServletRequest, e.getUsername());
    }

    public E getUser(HttpServletRequest httpServletRequest) {
        Principal userPrincipal = getUserPrincipal(httpServletRequest);
        E e = (E) this.userDao.getByPrincipal(userPrincipal);
        if (e == null) {
            throw new HttpStatusException(Response.Status.FORBIDDEN, "User " + userPrincipal.getName() + " is not authorized to use this resource");
        }
        return e;
    }
}
